|
290301
|
- |
|
wppa.opajaap
|
wp-photo-album-plus
|
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the comm…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3254
|
2024-11-21 10:53 |
2013-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290302
|
- |
|
adobe
|
coldfusion
|
Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-3336
|
2024-11-21 10:53 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290303
|
- |
|
juniper
|
smartpass
|
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3498
|
2024-11-21 10:53 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290304
|
- |
|
juniper
|
junos_space
junos_space_virtual_appliance
junos_space_ja1500_appliance
|
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attack…
|
CWE-255
Credentials Management
|
CVE-2013-3497
|
2024-11-21 10:53 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290305
|
- |
|
gwos
|
groundwork_monitor
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for …
|
CWE-352
Origin Validation Error
|
CVE-2013-3513
|
2024-11-21 10:53 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290306
|
- |
|
gwos
|
groundwork_monitor
|
The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not properly perform authorization checks, which allows remote authenticated users to read or modify configuration settings via unspeci…
|
CWE-20
Improper Input Validation
|
CVE-2013-3512
|
2024-11-21 10:53 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290307
|
- |
|
gwos
|
groundwork_monitor
|
Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified …
|
CWE-20
Improper Input Validation
|
CVE-2013-3511
|
2024-11-21 10:53 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290308
|
- |
|
gwos
|
groundwork_monitor
|
Multiple SQL injection vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote authenticated users to execute arbitrary SQL commands via (1) nedi/html/System-Export.php, (2) nedi/html/Dev…
|
CWE-89
SQL Injection
|
CVE-2013-3510
|
2024-11-21 10:53 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290309
|
- |
|
gwos
|
groundwork_monitor
|
html/System-NeDi.php in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the scan functionality in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3509
|
2024-11-21 10:53 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290310
|
- |
|
gwos
|
groundwork_monitor
|
html/System-Files.php in the System File Overview feature in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands via vectors invo…
|
CWE-94
Code Injection
|
CVE-2013-3508
|
2024-11-21 10:53 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
